98
submitted 9 months ago* (last edited 9 months ago) by pop@lemmy.ml to c/privacy@lemmy.ml

So I was going through /all and this admin is snooping at vote counts for posts in his instance and then posting it publicly.

Just a reminder that these kind of petty people exist. Pick a trustworthy instance or better yet, host your own.

Archive: https://archive.md/oybyL

you are viewing a single comment's thread
view the rest of the comments
[-] LWD@lemm.ee 2 points 9 months ago

Off day ๐Ÿ˜‰

I should have been more specific when I said website, as... If you scan my other comments, you might have the hint that I have access to one such Lemmy instance. And they federate with minimal effort. I don't know how to automate it yet, but it wasn't hard to do so manually.

[-] 7heo@lemmy.ml 1 points 9 months ago* (last edited 9 months ago)

I'm actually curious to know if federated instances share the data of their federated instances... if so, there is a proper reason to be actually alarmed, as ACLs would essentially be cosmetic only.

[-] LWD@lemm.ee 1 points 9 months ago

Can you be more specific? I might be able to hunt down answers.

Recently, federation vulnerabilities got exploited by an ex-Truth Social employee who apparently believes consent is only when someone shouts "no" at him, so pretty much anything is possible (without even going through the effort of spinning some kind of proxy server, if I'm reading this correctly).

[-] 7heo@lemmy.ml 1 points 9 months ago

Well, as in let's say instance A is federated to B, B federated to C, A blacklisted C.

So, clearly, A isn't getting data about C. It will drop it on ingress (I expect).

But, will C have access to the exact same data about A, through B, that it would have access to from A if not blocked by A?

[-] LWD@lemm.ee 2 points 9 months ago* (last edited 9 months ago)

"Indirect federation" (what I ended up eventually trying to find info on) appears non-existent.

That answered the question, I think, but it caused me to ask a few more, like this one:

What happens if a community is on Server A and Person C wants to check out how Person B is interacting on it. I think, in that case, that Person C can check out Person B's profile and see comments left on a Server A community, but they cannot navigate to the post itself because Server A would not send the content to their server.

It's relatively easy to switch servers, by clicking the little rainbow icon next to a particular comment to see the server where it would have been viewed in Person B's context, but servers on their own are not running around scraping missing data... At least, not as they are currently designed.

ETA: More background on the major defederation in question (mostly political, not technical)

[-] 7heo@lemmy.ml 2 points 9 months ago

Thanks for digging and reporting on this, but I'm gonna take a break with my phone (the main way I interact with Lemmy), since it is such a steaming pile of shit.

I'll try to find a way to use Lemmy on a proper OS without using the horrendous web interface (hopefully there are cool clients out there), and then I'll see. ๐Ÿ‘‹

this post was submitted on 30 Jan 2024
98 points (81.4% liked)

Privacy

31949 readers
474 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS